my question is can this be done completely on the internal LAN? ie, have a virtual IP appear on the LAN that is redirected to multiple real IP addresses that are also on the LAN? if yes, how is it done?Balancing involves some type of NAT, so you cannot do that in the LAN (yes with another interfaces like a DMZ altough)
btw, the manual shows that there are many " types" of load balancing in a pull-down menu, including HTTP, HTTPS, SSL, TCP, etc. however, on my unit, when i create a new virtual server, the only choices are HTTP, TCP, UDP and IP. can' t find any of the other choices described. same thing for persistence. only 2 choices and the SSL one is always greyed out. anyone know why?LB ' types' are directly related with virtual port settings
regards
/ Abel
Balancing involves some type of NAT, so you cannot do that in the LAN (yes with another interfaces like a DMZ altough)the destination can be on different interfaces but its not necessary: 10.1.1.1/24 points to 10.1.2.1/24 and 10.1.3.1/24 It also works on the same Interface: LB VIP from 10.1.1.1/24 with destination 10.1.1.2/24 and 10.1.1.3/24 on the same Interface will work. regards Maik
It also works on the same Interface: LB VIP from 10.1.1.1/24 with destination 10.1.1.2/24 and 10.1.1.3/24 on the same Interface will work.To be able to do such VIPs doesn' t enable LB scenario at all; look rocampo' s above post about 3way handshake.
regards
/ Abel
ORIGINAL: Maik it works. I can say that, because I have such a setup in a real life environment. regards MaikI' d be interested in this. We are looking at load balancing our LDAP requests due to crappy software support. Most of our internal (LAN side) processes LDAP and can load balance or fail over another LDAP server just fine. A few (with lousy support) can only hit one LDAP server period. For those, we would like to load balance on the internal (but it' s doesn' t have to be) interface to multiple LDAP servers.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.